Why do we need to take IoT security more seriously?

It goes without saying that cybersecurity is a serious concern, especially as internet and online services become more ingrained in our lives. Since the advent of Internet of Things (IoT), the number of connected devices in our homes, office and on our person is growing at a fast pace. Connected devices already outnumber human beings, and continue to propagate at a chaotic pace across many fields, including healthcare, home appliances, industrial control systems (ICS) and vehicles.

The rise of IoT brings huge advantages to businesses, consumers, government agencies and researchers in different sectors. Energy savings, better customer service, enhanced health data, improved vehicle performance and accurate crash analysis are just some of the benefits of IoT technology.

But the benefits it brings to malicious hackers and cybercriminals are enormous as well, and the IoT security nightmare has already become a cause of serious concern. In this post, I will explain how IoT security is different from traditional cybersecurity we’ve all come to know and love (or loath, if you like), and why it should be taken more seriously.

Privacy issues

IoT devices generate a lot of data. Some of this data, such as health-related information, is quite confidential and intimate, and is subject to laws and regulations such as HIPAA. Others, such as data generated by your connected toaster or light bulb, might not be very sensitive per se, but when combined with data from your smart lock, smart fridge, motion sensors… it can give away much about your life patterns and habits.

Moreover, the storage and distribution of the generated data is the issue of much debate. For most devices, the data is stored on cloud servers, and is later used by service providers to make assumptions about user interaction with devices and make decisions that will improve user experience (or at least that’s what they say).

However, regulations that are in place pertaining to the boundaries of ownership of data are not nearly enough to address the issues we’re facing with the explosion of data generation and consumption. What kind of data can vendors collect exactly (does anyone remember the connected TVs that spy on users or Hello Barbie dolls that record children’s interactions)? How much authority do vendors have over the data they collect from their consumers? Whom can they share it with? How long can they store it? What are the encryption and storage protection laws that apply to IoT data? These are just some of the questions tech experts and legislators will have to deal with very soon.

Network security issues

A considerable percentage of IoT devices are lacking proper means to protect themselves against network breaches. In some cases, this can be critical, such as a smart lock that is remotely compromised and unlocked by a malicious actor, or vulnerable baby monitors that allow hackers to pick up live feed of you children. In other cases, such as smart sensors or connected kettles, it might not be a big deal, you might argue.

Or is it?

Cyber criminals usually grab at every opportunity to exploit a vulnerability. And as far as they’re concerned, IoT security issues aren’t a “let me hack your light bulb and turn it on and off at my own will” situation (though I do admit that such an occurrence would be annoying) but rather an “I’ll compromise you light bulb and gain access to your network” opportunity. See where it’s leading?

The IoT is now responsible for many critical functionalities in the home, office and across the entire metropolitan life. And with the forecasts made by Gartner, it will only grow larger and more prominent in the coming years. It can easily run out of control and pave the way for a new wave of totally different acts of terrorism and felony. Just think about the spooky opportunities that’ll arise when driverless cars become mainstream. Remote abductions and car crashes are two things that comes to the mind. I don’t know about you, but it gives me the shivers.

As we approach singularity, more and more of our identities are being digitized and sent into the cloud, thanks in large part to IoT. IoT is the future, and it is one of the biggest things that has happened in the history of the internet. We have to prepare ourselves for the worst if we want to take advantage of the best. Taking IoT security seriously will be an important factor in this regard.

8 COMMENTS

[…] Security and privacy concerns regarding IoT are paramount issues of course, but I’ve covered that topic thoroughly previously, and I wanted to dedicate this piece to the philosophical side of things, about the balance of power between man and machine. The conclusion, I’ll leave it to you. […]

[…] having every device connected to the cloud and sending raw data over the internet can have privacy, security and legal implications, especially when dealing with sensitive data that is subject to separate regulations in different […]

[…] having every device connected to the cloud and sending raw data over the internet can have privacy, security and legal implications, especially when dealing with sensitive data that is subject to separate regulations in different […]

[…] to become a hurdle in collecting and analyzing data, especially as collected IoT data might account as sensitive and personally identifiable information, which are subject to separate regulations in different regions. “Unclear privacy guidelines make […]

[…] What we’re ignoring though, is the next wave of ransomware attacks, which will not target our files, but rather our IoT devices, which can be more dangerous and damaging, given the different nature of IoT security. […]

[…] After initially targeting individual computers the next wave of ransomware attacks does not go for our data files but instead our IoT devices. UAVs are exposed to these risks more than ever. This ransomware transformation makes it more damaging and harmful due to the special nature of IoT security. […]

TechTalks Newsletter

ABOUT US

At TechTalks, we examine trends in technology, how they affect the way we live and do business, and the problems they solve. But we also discuss the evil side of technology, the darker implications of new tech and what we need to look out for.
The idea is to be able to make the most out of the benefits provided by new tech trends and to minimize the trade-offs and costs.